This repository holds all the Ansible configuration files for d4g infrastructure.

This repository is organised as such :

• playbooks/ holds the playbooks to be applied to hosts. Each playbook represents a combination of roles representing a service (e.g. the d4g-proxy playbook requires the docker and acme.sh roles)
• roles/services holds service ansible roles. They are used to setup the specific parts of a service (e.g. docker-compose configuration, etc.)
• roles/utilities holds utility standalone ansible roles, which can be composed and used in playbooks (e.g. the docker role installs docker)

As all our d4g repositories, d4g-ansible comes with a bin/setup utility to install most of the required dependencies on your machine. The only hard dependency is nodejs, which we leave up to the user to install however they want and configure. Nodejs is required by bitwarden's CLI.

To install dependencies and setup the repo, run

bin/setup

You are now ready to run the playbooks.

DO NOT RUN PLAYBOOKS DIRECTLY USING ansible-playbook AS DOING THIS WILL REMOVE ALL SHARED SECRETS AND BREAK YOUR DEPLOYMENT. PLEASE USE bin/d4g-ansible AS DETAILED BELOW

You can run a playbook using the following command :

bin/d4g-ansible playbook playbooks/swarm-production.yml --diff --verbose

You can apply only specific tagged steps by using the --tags flag :

bin/d4g-ansible playbook playbooks/swarm-production.yml --diff --verbose --tags=acme

You can also limit the apply to a specific host in the inventory using the --limit flag :

bin/d4g-ansible playbook playbooks/swarm-production.yml --diff --verbose --limit=metal-1.dataforgood.fr